9th December 2023
|
Administrator
|
|
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,167
|
|
Polish train maker denies claims its software bricked trains maintained by competitor
From https://www.theregister.com/2023/12/...ed_allegation/:
Quote:
A trio of Polish security researchers claim to have found that trains built by Newag SA contain software that sabotages them if the hardware is serviced by competitors.
Newag, a Polish train maker, emphatically denied that it installed such software in a statement [PDF, Polish] issued Wednesday, attributing any issues to unknown hackers.
The rolling stock and engineering business insists its software is correct and that it did not design the trains' programming logic to fail under specific conditions, as has been claimed.
[snip]
"We found that the PLC [programmable logic controller] code actually contained logic that would lock up the train with bogus error codes after some date, or if the train wasn't running for a given time," Bazański wrote. "One version of the controller actually contained GPS coordinates to contain the behavior to third-party workshops."
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|